Reports are emerging that Cellebrite, the company that makes surveillance software, has become a victim of a sophisticated hacking attack, losing 900GB of data belonging to its clients.
In a statement, the company has acknowledged that it has been a victim of a hacking attack in the recent past and that unknown individuals have managed to access one of its external servers that the company uses to store some client-related information.
‘We recently experienced unauthorised access to one of our external web servers,’ the statement by the company read in part.
The statement further added that the company was conducting investigations to determine the extent of the breach and the type of information that had been lost. However, the company was quick to acknowledge that it had lost some data belonging to its clients.
‘Presently, it is known that the intruders accessed information belonging to our users who had registered for notifications of our new products,’ the company further added in the statement.
But it appears that the hackers managed to access a section of the website that contains a lot of information about the clients of the company. From the data that the hackers later dumped as proof of their exploit, email addresses and other files of users of the site have been identified as genuine. In other instances, it has been reported that samples of the data obtained from the dump have been subjected to verification processes and found to belong to genuine clients of Cellebrite.
Interestingly, it appears that the hackers were motivated by the need to fight back the stance that many governments are now taking about surveillance. One of the hackers believed to have been involved in the hack has been reported as having said that they are motivated by the recent trend in which governments are adopting strict regulations that allow them to undermine individual digital privacy rights deliberately.
‘To be honest, it is because of the recent stance was taken by many Western governments that we have had to do this,’ the hacker said.
In the recent past, governments across the world have been adopting a strict stance towards privacy by adopting regulations that enable government agencies to access the private data of individuals surreptitiously.
On the forefront of this trend have been companies that make special software that government agencies can use to rip data from devices. Cellebrite is widely known for its Universal Forensic Extradition Device (UFED), a small device that can seamlessly access all the data stored on any mobile device within minutes.
It appears that hackers are currently targeting companies that develop technologies that enable governments to abuse the privacy rights of individuals. A few years ago, a group of hackers successfully targeted an Italian surveillance firm called Gama International and stole 40GB of client data.
In this recent case, Cellebrite has advised its clients to change their login details as the company works to address the issue.